I have a console app that's geared to be automatically ran as a Scheduled Task. I use LINQ to SQL to pull some data out of the database, format it into a CSV and email it to a client. All of a sudden I am getting the error "SELECT permission denied for table", but the account I'm using to connect to the database (specified in my app.config file) has the "sysadmin" server role (bad programmer, I know; I'll get around to changing it to a better account later but I want to make sure it works first).
I can connect directly to the SQL database using that very same account and query the table in question without a problem, it only seems to be when using the LINQ code. Any idea what would be causing this?
Same server and database?
The error should actually say something like "does not exist or do not have permission". Now, if you're sysadmin then permission is irrelevant so table must not exist where you think it is
Ideas:
Wrong server
Client SQL alias pointing to wrong server
Wrong DB context
Wrong schema (eg SELECT * FROM bob.myTable should be SELECT * FROM fred.Mytable)
Try SELECT ##SERVERNAME, DB_NAME() (or Linq equivalent) to see where you are as a first step...
Related
I am managing to connect to data in my organisation via Denodo Design Studio fine, but when I try to do it through DBeaver, I get the following error: SQL Error [20100] [HY000]: The user does not have EXECUTE privileges on the view XXXX
Any idea where I should look to fix this? I am just doing a simple SELCT * FROM XXXX table query for a small table.
I also have no issues connecting to the database, and can navigate the schemas and see the table/view names.
Using Denodo denodo-vdp-jdbcdriver-8.0-update-20220815 via the DBeaver Denodo connector.
I have connected to a Datamart via SSMS. Behind the Datamart is an Azure SQL database.
I am trying to find out my username. I used the following query:
SELECT USER_NAME();
I get this error:
Unsupported sql function USER_NAME. Line:1, Position:8
I have combed the internet but I have not come across something that works yet.
in MS SQL SERVER you must use
SELECT CURRENT_USER;
The op wrote in the comment, that he needed to close the open query box and open a new one, after that it works, like a charme.
or to get the windows user mame of the logged in user
SELECT SUSER_NAME() LoggedInUser
We use Azure SQL Database, and therefore had to jump through some hoops to get cross-database queries set up. We achieved this following this great article: https://techcommunity.microsoft.com/t5/azure-database-support-blog/cross-database-query-in-azure-sql-database/ba-p/369126 Things are working great for most of our databases.
The problem comes in for one of our databases which is read-only. The reason it's read-only is b/c it is being synced from another Azure SQL Server to derive its content. This is being achieved via the Geo-Replication function in Azure SQL Database. When attempting to run the query GRANT SELECT ON [RemoteTable] TO RemoteLogger as seen in the linked article, I of course get the error "Failed to update because the database is read-only."
I have been trying to come up with a workaround for this. It appears user permissions are one of the things that do NOT sync as part of the geo-replication, as I've created this user and granted the SELECT permission on the origin database, but it doesn't carry over.
Has anyone run into this or something similar and found a workaround/solution? Is it safe/feasible to temporarily set the database to read/write, update the permission, then put it back to read-only? I don't know if this is even possible - I was told by one colleague that they think it will throw an error along the lines of "this database can't be set to read/write b/c it's syncing from another database..."
I figured out a work-around: Create a remote connection to the database on the ORIGIN server. So simple, yet it escaped me until now. Everything working great now.
Why not asking on dba.stackexchange: the description says it is for professionals, which I am not and SO has its "for enthusiasts" part.
I have an error
"Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'"
This is a common error with several possible reasons and solutions. The problem is that I have no knowledge of the database and server administration and credentials authentication topics, thus I will need to spend some significant time understanding what is being said and proposed.
Before I do that I would like to ask if it might be possible for me not to be able to solve the problem due to technical limitations. I will describe the situation in more detail now.
There is an MS SQL Server A with database Adb and table dbo.At. I can read from it. There is also an MS SQL Server B. I can read and write here.
I have MS SQL Server Management Studio 2012 open on my computer. I have a connection with server A open with query "select * from Adb.dbo.At" which works just fine. The connection used Windows Authentication.
I have a connection with server B (Windows Authentication as well) with query "select * from A.Adb.dbo.At" which results in the aforementioned error.
At this point I do have read access to A, I have read and write access to B. I can export data from A and then import it to B using my computer, i.e. I can do a kind of a copy paste and I will end up having what I want. There is no insurmountable wall between these 2 servers with me being the middle man. I simply would like to make it easier. Before I dwell on SPNs, delegations, Kerberos, Active Directory and whatnot I would like to ask if, assuming that I have nothing more than read on A and read/write on B, I might not be able to solve the issue?
It seems I have a "double hop" problem.
https://blogs.technet.microsoft.com/askds/2008/06/13/understanding-kerberos-double-hop/
I have found a workaround. I can use Server Agent on server B. Using this I can use the server to perform some actions, for example query other servers. The Agent jobs are of a specific type (like T-SQL script). For specific job types the Agent can run the jobs in "run as" mode (requires a proxy). I created a proxy referring to my normal Windows login. Sadly T-SQL script type job cannot be executed in "run as" mode. But PowerShell type job can. PowerShell can also execute SQL statements. Thus I have created PowerShell job running with proxy with the command being:
SQLCMD -Q "select * into Bdb.dbo.Bt from A.dbA.dbo.At" -E
This solved my problem.
I have created a local db using SQLEXPRESS through Visual Basic.
I intend to use LINQ to connect to the database from the application. Here is my statement to initially connect to the database:
Dim db As New DataContext("Data Source=localhost\SQLEXPRESS; Initial Catalog=master; Integrated Security=True;")
Ideally, my database would be entered for Initial Catalog, but that was giving me authentication errors for some reason. Now that this statement executes, my next step is to connect to my specific database. However, when I try to connect with a statement like this:
Dim TestCommand = db.ExecuteCommand("Use MyDB.mdf")
I get an error that the database does not exist.
When I query my database with the following commands:
SELECT name FROM master.sys.databases
The returned values are master, tempdb, model, msdb, and C:USERS\MY NAME\DOCUMENTS\MyDB.mdf
I have tried the above "TestCommand" writing out the directory for the database, but I get an error at "C:".
So, my db exists, but can someone explain to me the syntax I should use to "USE" my database?
You should not use the use command this way! You must connect to the application's database directly by setting it as Initial Catalog. If you're not authorized to do so, a use command won't let you either, by the way. So you have to fix the authorization for the database: create a login for your windows account in Sql Server Management Studio and grant it read/write access to the application's database.